To gain access to a web site offering secure content, such as a site maintained by a financial organization, a user enters verification information typically comprised of a user log-in and a password or Personal Identification Number (PIN). The user log-in specifically identifies the user; whereas the password or PIN comprises a secret code that only the user and the web site know, thereby preventing unauthorized access by upon entry of the user long-in alone. Web sites that offer unsecure content, for example the content provided by a newspaper or the like, typically do not require a high level of security. At best, such sites may only require a user to enter a log-in for the purpose of tracking customer usage.
Web sites with easy user access remain vulnerable to repeated automated access by computers. To allow for individual access by a human being but reduce in not eliminate repeated automated access by computers, many web sites make use of a Completely Automated Public Turing test to tell Computers and Humans Apart” (CAPTCHA). A typical CAPTCHA takes the form of a display of one or more sets of alphanumeric characters (typically, although not necessarily in the form of one or more words) obscured in some manner so as to be recognizable by a human being but unrecognizable by a computer, even with the aid of known computer-based imaging techniques. A user seeking access must decipher the obscured word or words and enter them to successfully gain access. The inability of a computer to decipher the obscured word or words thus prevents automated access.
Advances in computer-aided image recognition techniques have made present-day CAPTCHAs less secure. Thus, a need exists for a CAPTCHA having enhanced security.